Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/sZzbfGX-4QY5huiCoAyUDNvMRes.roa
File: sZzbfGX-4QY5huiCoAyUDNvMRes.roa (raw, json)
Hash identifier: SE9argP+4bVsAYJ97MNVdStcZcgo/kHpC4tOs6c6UFo=
Subject key identifier: B1:9C:DB:7C:65:FE:E1:06:39:86:E8:82:A0:0C:94:0C:DB:CC:45:EB
Certificate issuer: /CN=bfd786b24b4b30275bcc8d5244e34ee00481d790
Certificate serial: 018B430C126382AE3A307F3703031E0C6C9C
Authority key identifier: BF:D7:86:B2:4B:4B:30:27:5B:CC:8D:52:44:E3:4E:E0:04:81:D7:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9eGsktLMCdbzI1SRONO4ASB15A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/sZzbfGX-4QY5huiCoAyUDNvMRes.roa
Signing time: Wed 18 Oct 2023 13:49:06 +0000
ROA not before: Wed 18 Oct 2023 13:49:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 188.94.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:43:0c:12:63:82:ae:3a:30:7f:37:03:03:1e:0c:6c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd786b24b4b30275bcc8d5244e34ee00481d790
Validity
Not Before: Oct 18 13:49:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b19cdb7c65fee1063986e882a00c940cdbcc45eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:16:93:8d:b3:e6:fb:5e:60:01:01:de:55:e6:
34:b8:5f:ab:61:50:bf:7e:6c:75:9e:e9:a4:9f:a4:
80:b4:a7:f1:a5:bf:30:35:b3:2f:90:b5:5a:c0:00:
8b:9e:8f:2b:a7:e7:8d:e1:e9:99:9b:e3:ad:c8:df:
89:41:a1:12:55:33:79:63:be:ee:55:90:a7:d9:48:
f0:98:cc:30:dd:d4:ef:39:bc:62:15:fd:ad:f5:0f:
d6:7b:a5:e8:42:0c:54:1c:cc:0c:18:39:06:74:25:
ca:4b:56:ef:6f:e0:69:05:84:82:2a:2e:98:31:a6:
f2:6f:a0:af:07:0a:81:b1:3a:12:09:1a:e2:87:88:
0c:00:53:cb:0f:dd:c8:77:5c:56:91:86:6b:60:a8:
be:6a:f1:09:85:1b:6e:3c:03:58:fb:59:5d:69:a8:
3b:73:07:4e:4d:5a:3d:b2:de:80:d0:9f:5a:80:cf:
fe:bb:32:6d:a7:8d:30:40:62:51:24:2f:b9:1b:97:
08:11:0a:0f:c2:fe:09:9d:27:a5:f2:57:2b:7f:c7:
a6:b8:7b:28:94:52:31:f3:c3:f0:e7:a8:9b:a3:66:
90:79:75:25:f4:c1:fb:c3:5a:3b:1b:fa:77:d5:e2:
07:81:2d:9a:17:d3:95:a1:66:21:91:7b:20:3c:e0:
5b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:9C:DB:7C:65:FE:E1:06:39:86:E8:82:A0:0C:94:0C:DB:CC:45:EB
X509v3 Authority Key Identifier:
keyid:BF:D7:86:B2:4B:4B:30:27:5B:CC:8D:52:44:E3:4E:E0:04:81:D7:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9eGsktLMCdbzI1SRONO4ASB15A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/sZzbfGX-4QY5huiCoAyUDNvMRes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e14ebe-45dd-44db-b9b7-1a1f936454ec/1/v9eGsktLMCdbzI1SRONO4ASB15A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.94.190.0/24
Signature Algorithm: sha256WithRSAEncryption
84:47:de:9d:ba:7a:ea:29:49:fe:00:10:d8:86:4c:66:b4:06:
2a:a5:75:e8:05:83:28:a8:9d:ab:53:b7:77:70:a0:71:c7:b9:
5a:47:53:8e:7a:3f:9d:64:08:89:11:43:e4:32:44:1e:bd:81:
8a:2f:67:fd:8e:7a:ff:6c:23:91:4e:95:f6:57:dd:67:31:8f:
29:f9:04:02:b7:50:1b:e1:71:52:8e:58:8d:1a:f2:4d:05:48:
d5:4e:10:59:70:9d:27:89:e2:63:69:e1:16:f3:03:84:08:24:
22:4d:37:54:2f:80:f3:23:86:f5:41:3a:77:e5:53:78:3d:aa:
07:76:7f:f2:cb:56:b4:f8:6a:32:bc:19:9b:4c:f1:54:b8:89:
17:8f:2a:a2:b3:6a:24:fc:e5:a5:f8:fa:2f:92:21:34:5d:ea:
3c:f6:21:47:cc:11:ca:38:05:ed:b4:20:df:c7:83:ef:82:03:
cf:f9:64:7c:98:a4:8a:e3:f4:27:f6:2e:02:df:a9:3f:bc:95:
80:57:dc:e4:34:45:9a:50:7f:93:2f:63:54:f9:f4:81:82:0a:
f1:6c:57:bf:13:9f:a0:be:a1:7e:89:3e:d9:a1:24:da:3b:ec:
c5:9b:e6:3e:40:4e:7a:fa:77:77:ab:0a:31:7c:a3:00:c2:eb:
0f:91:e5:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtDDBJjgq46MH83AwMeDGycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZDc4NmIyNGI0YjMwMjc1YmNjOGQ1MjQ0ZTM0ZWUwMDQ4
MWQ3OTAwHhcNMjMxMDE4MTM0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTljZGI3YzY1ZmVlMTA2Mzk4NmU4ODJhMDBjOTQwY2RiY2M0NWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBaTjbPm+15gAQHeVeY0uF+rYVC/
fmx1numkn6SAtKfxpb8wNbMvkLVawACLno8rp+eN4emZm+OtyN+JQaESVTN5Y77u
VZCn2UjwmMww3dTvObxiFf2t9Q/We6XoQgxUHMwMGDkGdCXKS1bvb+BpBYSCKi6Y
Mabyb6CvBwqBsToSCRrih4gMAFPLD93Id1xWkYZrYKi+avEJhRtuPANY+1ldaag7
cwdOTVo9st6A0J9agM/+uzJtp40wQGJRJC+5G5cIEQoPwv4JnSel8lcrf8emuHso
lFIx88Pw56ibo2aQeXUl9MH7w1o7G/p31eIHgS2aF9OVoWYhkXsgPOBbswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGc23xl/uEGOYbogqAMlAzbzEXrMB8GA1UdIwQY
MBaAFL/XhrJLSzAnW8yNUkTjTuAEgdeQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjllR3NrdExNQ2RiekkxU1JPTk80QVNCMTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lMTRlYmUtNDVkZC00NGRiLWI5Yjct
MWExZjkzNjQ1NGVjLzEvc1p6YmZHWC00UVk1aHVpQ29BeVVETnZNUmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lMTRlYmUtNDVkZC00NGRiLWI5YjctMWExZjkzNjQ1NGVj
LzEvdjllR3NrdExNQ2RiekkxU1JPTk80QVNCMTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF6+MA0G
CSqGSIb3DQEBCwUAA4IBAQCER96dunrqKUn+ABDYhkxmtAYqpXXoBYMoqJ2rU7d3
cKBxx7laR1OOej+dZAiJEUPkMkQevYGKL2f9jnr/bCORTpX2V91nMY8p+QQCt1Ab
4XFSjliNGvJNBUjVThBZcJ0nieJjaeEW8wOECCQiTTdUL4DzI4b1QTp35VN4PaoH
dn/yy1a0+GoyvBmbTPFUuIkXjyqis2ok/OWl+PovkiE0Xeo89iFHzBHKOAXttCDf
x4PvggPP+WR8mKSK4/Qn9i4C36k/vJWAV9zkNEWaUH+TL2NU+fSBggrxbFe/E5+g
vqF+iT7ZoSTaO+zFm+Y+QE56+nd3qwoxfKMAwusPkeVx
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:43 2025 by rpki-client